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Sir 
1. 



I, Suhail Nanji hereby declare that: 

Redback Networks Incorporated is the assignee of the above-identified patent application. 

2. I have reviewed the above-identified patent application, including the claims. I am the 
inventor of the invention claimed in the above-identified patent application. 

3. As a Redback Networks Incorporated employee, I was assigned the responsibility of 
developing Ethernet over Layer 2 Tunneling Protocol techniques for the Redback Networks 
Access Operating System, Release 3. 1, an operating system manufactured by Redback 
Networks Incorporated 

4. The invention claimed in the above-identified patent application was embodied in the 
Redback Networks Access Operating System, Release 3. 1. 

5. I have reviewed the Redback Networks publications cited by the Patent Examiner in the 
applicatioa The Redback Networks publications are entitled "Access Operating System 
Configuration Guide 3.1", dated 1999; "Access Operating System Command Reference 
Guide 3. 1", dated 2000; and "Release Note for Redback AOS, Release 3. 1 .4", dated April 
2000." A copy of the Redback Networks publications are attached hereto as Exhibits A, B, 
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and C, respectively. These publications are manuals for the Redback Networks Access 
Operating System, Release 3.1. 
6. The subject matter related to my invention disclosed in the Redback Networks publications is 
attributable to me and was published on my behalf. 

I, Suhail Nanji, hereby declare that all statements herein of my own knowledge are true and 
that all statements made on information and belief are believed to be true; and further that these 
statements are made knowing that willful false statements and the like are punishable by fine or 
imprisonment, orbothunder§ 1001 of Title 18 of United States Code, and such willful or false 
statements may jeopardize the validity of the above-identified application or any patent issuing 
therefrom. 
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Rights and Restrictions 



All statements; specifications, recommendations, and technical information contained are current or planned as of the date of publication of this document. They are reliable as of 
the time of this writing and arc presented without warranty of any kind, expressed or implied. In an effort to continuously improve the product and add features, Redback 
Networks, Inc. ("Redback") reserves the right to change any specifications contained in this document without prior notice of any kind, 

Redback shall not be liable for technical or editorial errors or omissions which may occur in this document. Redback shall not be liable for any indirect, special, incidental or 
consequential damages resulting from the furnishing, performance, or use of this document 

The following information is for FCC compliance of Class A devices: This equipment has been tested and found to comply with the limits 

for a Class A digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is 
operated in a commercial environment This equipment generates, uses, and can radiate radio- frequency energy and, if not installed and used in accordance with the instruction 
manual, may cause harmful interference to radio communications, Operation of this equipment in a residential area is likely to cause harmful interference, in which case users 
will be required to correct the interference at their own expense. 

Any modifications to this product not authorized by Redback could void the FCC approval and negate the user's authority to operate the product. 

Limited Hardware Warranty and Disclaimer 

Limited Warranty. Redback warrants to the original purchaser of the product ("Purchaser") only that the hardware sold hereunder shall be free of defects in material and 
workmanship and shall perform, under normal use and circumstances, in accordance with Redback's published specifications for a period of ninety (90) days from the shipment 
date. In the event that Redback receives notice from Purchaser during the warranty period that any hardware does not conform to its warranty, Redback shall, at its sole option 
(and as Purchaser's sole remedy), either repair or replace the non-conforming hardware, or refund the purchase price of such unit Hardware replaced under the terms of any such 
warranty may be refurbished or new equipment substituted at Redback's option. This warranty is the only warranty made by Redback with respect to the hardware delivered 
hereunder and may be modified, amended or supplemented only by a written instrument signed by a duly authorized officer of Redback and accepted by Purchaser. 

Procedures. A hardware item may only be returned with the prior written approval of Redback. Any such approval shall reference a return material authorization number issued 
by authorized Redback service personnel Transportation costs, if any, incurred in connection with the return of a defective item to Redback shall be borne by Purchaser. Any 
transportation costs incurred in connection with the re-delivery of a repaired or replaced item to Purchaser shall be borne by Redback; provided that, such costs shall be borne by 
Purchaser if Redback reasonably determines that the item is not defective. If Redback determines, in its sole discretion, that the allegedly defective item is not covered by the 
terms of the warranty provided hereunder or that a warranty claim is made after the warranty period, the cost of repair by Redback, including all shipping expenses, shall be 
reimbursed by Purchaser. 

Exclusions. The foregoing warranties and remedies are for Purchaser's exclusive benefit and are non-transferable. The foregoing warranties do not apply to any hardware which 
(1 ) has been altered, except as authorized by Redback, (2) has not been installed, operated, repaired, or maintained in accordance with any installation, handling, maintenance, or 
operating instructions supplied by Redback, (3) has been subjected to unusual physical or electrical stress, misuse, negligence, or accident (4) is used in ultrahazardous activities, 
(5) has been damaged or rendered unserviceable by installation or use outside of environmental specifications, or (6) has been exported from the original country of destination. 
In no event does Redback warrant that Purchaser will be able to operate its networks without problems or interruptions. 

Third Party Products. Where a product not manufactured by Redback is sold by Redback hereunder to complete an order, the warranty coverage on that product is limited to its 
original manufacturer's warranty to the Purchaser, if any. 

THE LIMITED WARRANTIES SET FORTH ABOVE ARE IN LIEU OF ALL OTHER WARRANTIES, WHETHER EXPRESSED, IMPLIED, STATUTORY OR 
OTHERWISE, AND REDBACK SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR 
PURPOSE. REDBACK DOES NOT WARRANT THAT THE PRODUCTS WILL MEET PURCHASER'S REQUIREMENTS OR THAT THE OPERATION OF THE 
PRODUCTS WILL BE UNINTERRUPTED OR ERROR FREE. 

Software License Agreement 

CAREFULLY READ THE FOLLOWING TERMS AND CONDITIONS. BY INSTALLING AND USING SOFTWARE INCLUDED WITH THE REDBACK PRODUCTS, 
YOU ARE AGREEING TO BE BOUND BY THESE TERMS AND CONDITIONS. IF YOU DO NOT AGREE TO THESE TERMS AND CONDITIONS, DO NOT USE THE 
REDBACK PRODUCTS. 

1. SOFTWARE 

The software covered by this license agreement includes (i) all Redback proprietary software provided with the product, whether provided on magnetic media or embedded in the 
product as firmware, and (n) any third party owned software licensed to Redback and provided by Redback with the product (jointly, the "Software")- The following third party 
Software may be included with your product and is subject to this software license agreement: 

a SNMP Monolithic Agent Copyright © 1992-1998 SNMP Research International, Inc. All rights reserved 

b. VxWorks. Copyright O 1984-1998 Wind River Systems, Inc. All rights reserved 

c. The Redback Networks adaptation and implementation of the UDP and TCP protocols developed by the University of California, Berkeley (UCB) as part of UCB's 
public domain version of the UNIX operating system. Copyright O 1982, 1986, 1988, 1990, 1993, 1995 The Regents of the University of California. All rights reserved 
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: (1) Redistributions of source code 
must retain the above copyright notice, this list of conditions and the following disclaimer. (2) Redistributions in binary form must reproduce the above copyright notice, this list 
of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. (3) All advertising materials mentioning features or use of 
this software must display the following acknowledgment: This product includes software developed by the University of California, Berkeley and its contributors. (4) Neither 
the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written pemrtissioa 

d Point-to-Point Protocol (PPP). Copyright O 1 989, Carnegie- Mellon University. All rights reserved. The name of the University may not be used to endorse or promote 
products derived from this software without specific prior written permission. 



e. Dynamic Host Configuration Protocol (DHCP) developed by The Internet Software Consortium. Copyright O 1 997, 1998. All rights reserved. Redistribution and use in 
source and binary forms, with or without modification, are permitted provided that the following conditions are met: (1) Redistributions of source code must retain the above 
copyright notice, this list of conditions and the following disclaimer. (2) Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the 
following disclaimer in the documentation and/or other materials provided with the distribution. (3) Neither the name of The Internet Software Consortium nor the names of its 
contributors may be used to endorse or promote products derived from this software without specific prior written permission. 

2. LICENSE 

Redback hereby grants to the original end user of the products ("Licensee") only, and Licensee hereby accepts, a personal, non-transferable, non-exclusive license to use the 
Software and related product documentation (the "Documentation") in accordance with the terms and conditions of this agreement. 

Licensee may use the Software solely with the original Redback products or system with which it is provided (the "System 1 '). Licensee may not transfer the Software to or use die 
Software on any equipment other than the System, whether or not such other equipment shall have been manufactured by Redback. This license shall expire upon sale of the 
System by Licensee. 

Licensee agrees not to make any copies of the Software or the Documentation, in whole or in part, other than one permitted copy of the Software and Documentation which 
Licensee may maintain for archival purposes only. Licensee agrees not to modify, translate, reverse engineer, de-compile, disassemble, or create derivative works based on the 
Software, except to the extent that the foregoing may not be prohibited by applicable law. 

Licensee agrees to take reasonable steps to safeguard copies of the Software against disclosure, copying or use by unauthorized persons, and to take reasonable steps to ensure 
that the provisions of this license are not violated by Licensee's employees or agents. 

3. TITLE 

Licensee acknowledges and agrees that all right, title and interest in and to the Software and Documentation, including all intellectual property rights therein, shall remain the 
property of Redback or its suppliers, subject only to the limited license to use granted to Licensee hereunder. This license is not a sale and does not transfer to Licensee any title 
or ownership in or to the Software or the Documentation or any patent, copyright, trade secret, bade name, trademark or other proprietary or intellectual property rights related 
thereto. 

4. NONTRANSFERABILITY 

Licensee may not rent, transfer, assign, sublicense or grant any rights in the Software or Documentation, in full or in part, to any other person or entity. 

5. NO SOFTWARE WARRANTY 

Redback warrants to Licensee only that the media on which the Software is recorded shall be free from defects in materials and workmanship under normal use for a period of 
ninety (90) days from the date of shipment by Redback. Licensee's sole and exclusive remedy, and RedbacVs sole and exclusive liability, shall be replacement of the media in 
accordance with this limited warranty. 

THE SOFTWARE IS PROVIDED "AS IS." REDBACK EXPRESSLY DISCLAIMS AND NEGATES ALL WARRANTIES FOR THE SOFTWARE, WHETHER 
EXPRESSED, IMPLIED, STATUTORY OR OTHERWISE, AND REDBACK SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, 
FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT OF INTELLECTUAL PROPERTY OR OTHER VIOLATION OF RIGHTS. REDBACK DOES NOT 
WARRANT THAT THE SOFTWARE WILL MEET PURCHASER'S REQUIREMENTS OR THAT THE OPERATION OF THE SOFTWARE WILL BE UNINTERRUPTED 
OR ERROR FREE. 

Some states or countries do not allow exclusion or limitation of incidental or consequential damages or limitation on how long an implied warranty lasts, so the above limitations 
or exclusions may not apply to Licensee. This warranty gives Licensee specific legal rights and Licensee may also have other rights, which vary from state to state or country to 
country. 

6. TERMINATION 

This agreement shall continue in effect until terminated hereunder. This agreement shall terminate automatically on Licensee's failure to comply with any of the restrictions and 
provisions herein, including without limitation any attempt to transfer this license. Upon any termination of this agreement. Licensee agrees promptly to destroy or return to 
Redback all copies of the Software and Documentation, including without limitation all original and archival copies thereof. No refunds shall be given for such returned 
materials. Notwithstanding any termination of this License, the rights and obligations set forth in Sections 3 (Title), 4 (N on- transferability), 5 (Limited Software Warranty), 6 
(Termination), 7 (Limitation of Liability) and 8 (Miscellaneous) shall survive such termination. 

7. ILS. GOVERNMENT RESTRICTED RIGHTS 

The Software and Documentation are provided with Restricted Rights. Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) 
(1) (ii) of The Rights in Technical Data and Computer Software clause at DEARS 252.227-70 13 or subparagraphs (c) ( 1) and (2) of the Commercial Computer 
Software— Restricted Rights at 48 CFR 52.227-19, as applicable. Manufacturer is Redback Networks, Inc., 1389 Moffett Park Drive, Sunnyvale, California 94089. 

8. MISCELLANEOUS 

a. Licensee may not assign or transfer any of its rights or delegate any of its obligations under this agreement Any attempted assignment or delegation by Licensee shall 
be null and void. 

b. No delay, failure or waiver by either party to exercise any right or remedy under this agreement shall operate to limit, preclude, cancel or waive any exercise of such 
right or remedy or the exercise of any other right or remedy. 

c. This agreement shall be governed by and construed in accordance with the laws of the State of California without regard to conflict of laws principles and without 
regard to the 1980 U.N. Convention on Contracts for the International Sale of Goods. The federal and state courts of California shall have exclusive jurisdiction and venue to 
adjudicate any dispute arising out of this agreement, and Licensee expressly consents to (i) the personal jurisdiction of the state and federal courts of California and (ti) service of 
process being effected upon it by registered mail sent to the Licensee. 

d. If any provision in this agreement shall be found or be held to be invalid or unenforceable in any jurisdiction in which this agreement is being performed, then the 
meaning of said provision shall be construed, to the extent feasible, so as to render the provision enforceable, and if no feasible interpretation would save such provision, it shall 
be severed from the remainder of this agreement, which shall remain in full force and effect. In such event, the parties shall negotiate, in good faith, a substitute, valid and 
enforceable provision, which most nearly effects the parties' intent in entering into this agreement. 

e. This software license agreement incorporates the General Limitation of Liability and Damages provisions set forth below. 



f. This agreement constitutes the entire agreement between Licensee and Redback with respect to the subject matter of this agreement and shall supersede all prior oral or 
written understandings, communications or advertising. This agreement may be amended or modified only in writing signed by both parties. 

Limitation of Liability and Damages 

THE FOLLOWING LIMITATION OF LIABILITY AND DAMAGES APPLIES TO ALL HARDWARE, SOFTWARE AND DOCUMENTATION SOLD, LICENSED OR 
OTHERWISE DISTRIBUTED BY REDBACK OR ITS RESELLERS. 

IN NO EVENT SHALL REDBACK, ITS SUPPLIERS OR ITS DISTRIBUTORS BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL 
DAMAGE, INCLUDING WITHOUT LIMITATION LOSS OF DATA, LOST PROFITS OR COST OF COVER, ARISING FROM THE USE OF THE HARDWARE, 
SOFTWARE OR DOCUMENTATION OR ANY DEFECT IN THE HARDWARE, SOFTWARE OR DOCUMENTATION, HOWEVER CAUSED AND ON ANY THEORY 
OF LIABILITY THIS LIMITATION SHALL APPLY EVEN IF REDBACK, ITS SUPPLIERS OR ITS DISTRIBUTOR SHALL HAVE BEEN ADVISED OF THE 
POSSIBILITY OF ANY SUCH DAMAGE. IN PARTICULAR, BUT WITHOUT LIMITATION, REDBACK, ITS SUPPLIERS AND ITS DISTRIBUTORS SHALL HAVE 
NO LIABILITY FOR THE LOSS OF ANY INFORMATION STORED OR COMMUNICATED OR ATTEMPTED TO BE STORED OR COMMUNICATED WITHIN ANY 
REDBACK SYSTEM USING THE HARDWARE OR SOFTWARE. 

THE MAXIMUM AGGREGATE LIABILITY OF REDBACK AND ITS SUPPLIERS FOR ANY CLAIM ARISING OUT OF USE OF THE HARDWARE, SOFTWARE OR 
DOCUMENTATION OR ANY DEFECT IN THE HARDWARE, SOFTWARE OR DOCUMENTATION, ON ANY AND ALL THEORIES OF LIABILITY, INCLUDING 
WITHOUT LIMITATION NEGLIGENCE BY REDBACK, SHALL IN ALL EVENTS BE LIMITED TO RETURN OF THE AMOUNTS ACTUALLY PAID TO REDBACK 
FOR THE DEFECTIVE HARDWARE OR SOFTWARE, LESS DEPRECIATION OF SUCH AMOUNTS LINEARLY OVER A THREE-YEAR PERIOD, WHICH THE 
PARTIES AGREE CONSTTTUTES A REASONABLE RATE OF DEPRECIATION. 

FCC Notice 

This equipment has been tested and found to comply with the limits tor a Class B digital device, pursuant to Part 1 5 of the FCC Rules, This equipment generates, uses, and can 
radiate radio frequency energy, and if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no 
guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined 
by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures: 

Increase the separation between equipment and receiver 

Connect the equipment into an outlet on a circuit different from that to which the receiver is connected 
Consult the dealer or an experienced radio or television technician for help. 

1. MODIFICATIONS 

The FCC requires the user to be notified that any changes or modifications made to this device that are not expressly approved by Redback could void the user's authority to 
operate the equipment. 

2. CABLES 

Connection to this device must be made with shielded cables with metallic RF1/EMI connector hoods to maintain compliance with FCC Rules and Regulations. 

3. OPERATING CONDITIONS 

This device complies with Part 1 5 of the FCC Rules. Operation is subject to the following two conditions: (I ) this device may not cause harmful interference, and (2) this device 
must accept any interference received, including interference mat may cause undesired operation. 

4. POWER CORD SET REQUIREMENTS 

The power cord set used with the System must meet the requirements of the country, whether it is 100-120 or 220-264 VAC. 
U.S. and Canada. The cord set must be UL Listed and CSA Certified 

5. SAFETY NOTICES 

a. Laser Equipment: 

CAUTION! USE OF CONTROLS OR ADJUSTMENTS OF PERFORMANCE OR PROCEDURES OTHER THAN THOSE SPECIFIED HEREIN MAY RESULT IN 
HAZARDOUS RADIATION EXPOSURE. 

b. Lithium Battery: 

It is recommended that, when required, Redback replace the lithium battery. 

CAUTION! DANGER OF EXPLOSION IF BATTERY IS INCORRECTLY REPLACED. REPLACE ONLY WITH THE SAME OR EQUIVALENT TYPE IS 
RECOMMENDED BY THE MANUFACTURER'S INSTRUCTIONS. 

Year 2000 (Y2K) Compliance 

The SMS 1000 and SMS 500 are Year 2000 (Y2K) Compliant This means that the SMS i 000 and SMS 500 accurately process date/time data (including, but not limited to, 
calculating, comparing, and sequencing) from, into, and between the twentieth and twenty-first centuries, and the years 1999 and 2000 including the year 2000 leap-year 
calculations. Furthermore, when used in combination with other information technology, the SMS 1000 and SMS 500 accurately process date/time data to the extent other 
information technology properly exchanges date/time data with it 

Copyright O 1999, Redback Networks, Inc. AH Rights Reserved. 

Redback and the Subscriber Management System are trademarks of Redback Networks, Inc. All other products or services mentioned are the trademarks, service marks, 
registered trademarks, or registered service marks of their respective owners. 
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Once the default settings have been changed, the new values will be applied to any new peer that is created 
unless the values are changed in the configuration for an individual peer. 

Configuring Ethernet over L2TP 



This section describes how to configure L2TP tunnels to carry Ethernet-encapsulated PPPoE sessions. 
Before configuring your system for Ethernet over L2TP, be sure to read the preceding section called 
"Configuring L2TP." 

By allowing Ethernet sessions over L2TP tunnels, AOS is able to provide the LNS full control over the 
advertisement of services. The following sections are included: 

• "Overview" 

• "Configuration Tasks on the LAC Side" 

• "Configuration Tasks on the LNS Side" 

• "Configuration Examples" 

For a complete description of the commands related to Ethernet over L2TP, see the Access Operating 
System (AOS) Command Reference. 

Overview 

The AOS implementation of Ethernet over L2TP allows Ethernet sessions to be tunneled intact to the LNS. 
Since Ethernet connectivity is required for advertisement of services, this is a significant advantage for the 
LNS. Figure 5-15 shows the relationship of protocols/encapsulations between a LAC and an LNS in the 
three types of sessions that might be tunneled in this fashion: PPP over Ethernet (PPPoE), IP over Ethernet, 
and Bridging. 
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Figure 5-15 Protocol Stack When Tunneling Ethernet over L2TP 
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It is important to note that if more than one Ethernet session is tunneled from one peer and bound to the 
same interface on the LNS, AOS can not use ARP to resolve the IP address to a physical/MAC address. As 
an alternative, you can use DHCP with secured ARP as a way to map IP addresses to physical MAC 
addresses. 



Configuration Tasks on the LAC Side 

To configure Ethernet over L2TP on the LAC side, you must first set up the L2TP peers according to the 
instructions in the previous section, "Configuring L2TP Then, perform the tasks in the following sections: 

• "Identify the Ethernet Ports or Bridge-Encapsulated Circuits" 

• "Bind the Ports or Bride-Encapsulated Circuits to the Peers" 

• "Enable Ethernet Sessions Retry over L2TP" 



Identify the Ethernet Ports or Bridge-Encapsulated Circuits 



The first step is to decide which Ethernet ports or bridge-encapsulated circuits you want tunneled over 
L2TP. This is necessary because you will be "hard" binding them to L2TP peers. 



Bind the Ports or Bride-Encapsulated Circuits to the Peers 

To bind a port or circuit to an L2TP peer, enter the following command in port, circuit, or HDLC channel 
configuration mode as appropriate: 

bind session peer-name context 
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where peer-name is the name of the L2TP peer to which the circuit or port is to be bound and context is the 
context in which that peer exists. If you are binding an Ethernet port, the bind session command puts the 
port into "promiscuous mode" which means that it will ignore MAC addresses and tunnel everything to the 
LNS. The concept of promiscuous mode is implicit for Bridged 1483 and Bridged 1490 encapsulated 
circuits. 

Enable Ethernet Sessions Retry over L2TP 

To enable the creation of Ethernet sessions over L2TP, enter the following command in context 
configuration mode: 

aaa authentication re-try minutes 

where minutes is the number of minutes the system is to wait before re-attempting to connect after failure 
to establish a session to the tunnel peer. By default, no further attempts are made once an attempt to create 
a session has failed. No attempt is made to create a connection until data begins to come through over the 
circuit/port. 

Configuration Tasks on the LNS Side 

To configure Ethernet over L2TP from the LNS side, you must first set up the L2TP peers as described in 
the previous section, "Configuring L2TP."Then, perform the tasks in the following sections: 

• "Determine How Subscribers Will Be Terminated" 

• "Bind the Sessions" 

Determine How Subscribers Will Be Terminated 

Subscribers can be terminated in one of two ways: IP over Ethernet or PPPoE. These two encapsulations 
are mutually exclusive and apply to all Ethernet-encapsulated sessions from the peer. This decision is made 
on the LNS side because the LAC is intended to send everything, without evaluation. 

If the client is using PPPoE, configure the peer as such by entering the following command in L2TP 
configuration mode: 

ethernet encapsulation ppp over-ethernet 

If the client is using IP over Ethernet, the default setting for this command (ppp) is what you want. 

Bind the Sessions 

To bind a session to a PPPoE client, enter the following command in L2TP configuration mode: 

ethernet session auth {pap | chap | chap pap} [maximum sessions] [context name | service-group 
name]} 

where pap, chap, and chap pap are authentication method choices, the maximum sessions construct 
allows you to limit the number of PPPoE sessions allowed per L2TP session, the context name construct 
allows you to restrict the Ethernet-encapsulated PPPoE sessions to the named context, and the 
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service-group name construct allows you to limit the services available to those permitted by the named 
service access list. If the peer is not first encapsulated as PPPoE (with the ethernet encapsulation ppp 
over-ethernet command), the auth construct is not available on the command line. 

To bind a session to an IP over Ethernet client, enter the following command in L2TP configuration mode: 

ethernet session interface interface context 

where interface is the name of the interface to which the Ethernet session is to be bound and context is the 
name of the context in which the interface exists. 

Configuration Examples 

The following example shows configuring an L2TP peer to terminate subscribers as PPPoE and bind the 
Ethernet sessions to the peer with CHAP PAP: 

[local] RedBack (config-ctx) #12tp-peer name In amain media pvc 

[local] RedBack (config- 12 tp) #ethernet encapsulation ppp over-ethernet 

[local] RedBack (config-12tp) ttethernet session auth pap 

Configuring L2F 



This section describes AOS* ability to interoperate with legacy systems that are implementing Cisco's 
Layer 2 Forwarding (L2F) protocol. L2F supports the creation of secure virtual private dial-up networks 
over the Internet and is one of the predecessors to L2TP. 

The following sections are included: 

• "Overview** 

• "Configuration Tasks" 

• "Configuration Examples" 

For a complete description of the commands related to L2F, see the Access Operating System (AOS) 
Command Reference. 

Overview 

The AOS implementation of L2F supports the following: 

• Both Network Access Server (NAS) and home gateway functions. Consistent with the limitations of the 
L2F protocol, a peer may function as one or the other, but not both. 

• Tunnel switching between L2F tunnels and between L2F and L2TP tunnels. 

• UDP/IP tunnel encapsulation, 

• A tunnel may be defined in one context, while the sessions within that tunnel may be terminated or may 
be further tunneled (tunnel switch) in any contexts. 

• L2F tunnel configurations can be configured locally (in the AOS configuration file) or they can be 
served by RADIUS. 
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ethernet encapsulation ppp over-ethernet 
default ethernet encapsulation 

Purpose 

Specifies the type of Ethernet encapsulation to be used for any Ethernet on the L2TP peer 

Syntax Description 

ppp over-ethernet Specifies that the type of Ethernet encapsulation to be used is PPP over 

Ethernet (PPPoE). 

Default 

IP/bridging encapsulation is selected for Ethernet over L2TP sessions if this command is not used. 

Usage Guidelines 

At this time, PPPoE is the only encapsulation option available using this command. If this command is not 
issued, the encapsulation for the peer is set to IP/bridging for Ethernet over L2TP sessions. 

Use this command when you want to be able to have Ethernet encapsulated sessions through L2TP tunnels. 

The default form of this command resets the encapsulation to IP/bridging. 

Examples 

The following example sets the Ethernet encapsulation on an L2TP peer to PPPoE: 
[local] RedBack (config-ctx) #12tp-peer name peerl 

[local] RedBack (conf ig-12tp) # ethernet encapsulation ppp over-ethernet 

Related Commands 

I2tp-peer name 
I2tp-peer unnamed 
show 12tp info 
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ethernet session {{auth {pap | chap | chap pap} [maximum sessions] [context name | 
service-group name]} | interface interface context] 

no ethernet session 



Purpose 



Specifies the authentication method to be used for the Ethernet session on the L2TP peer. 



Syntax Description 

auth pap 
auth chap 

auth chap pap 

maximum sessions 

context name 

service-group name 
interface interface context 



Specifies that Password Authentication Protocol (PAP) be used to 
obtain the usemame and password from the subscriber. 

Specifies that Challenge Handshake Authentication Protocol 
(CHAP) be used to obtain the username and password from the 
subscriber. 

Specifies that either PAP or CHAP can be used to obtain the 
username and password from the subscriber, but that CHAP is 
preferred. 

Optional when auth is specified. Maximum number of PPPoE 
sessions allowed per L2TP session. Valid range is 0 (which means 
there is no maximum) through 8000. The default value is 0. 

Optional when auth is specified. Restricts PPPoE sessions with 
Ethernet encapsulation on the circuits and ports being bound to the 
specified context. 

Optional when auth is specified. Limits the services available to the 
circuit or port to those permitted by the named service access list. 

The name of the interface to which the Ethernet session is to be 
bound and the name of the context within which the interface exists. 



Default 



None 
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Usage Guidelines 

The auth and interface constructs are mutually exclusive. The auth construct is only available when the 
session is PPPoE with Ethernet encapsulation. Otherwise, the interface construct is available. The 
authentication controlled by the auth construct is only for the Ethernet-encapsulated PPPoE session carried 
by the tunnel, not any PPP sessions that might also be present. For the PPP sessions, the session auth 
command controls the authentication method. 

The no form of this command removes the setting. 

Examples 

The following example shows setting the authentication method for an Ethernet-encapsulated PPPoE 
session: 

[local] RedBack (conf ig-ctx) #12 tp-peer name peerl 

[local] RedBack (conf ig-l2tp) #ethernet session auth chap pap 

Related Commands 

12tp-peer name 
I2tp-peer unnamed 
show 12 tp info 
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L2F 



AOS Release 3.1 includes support for Cisco's Layer 2 Forwarding (L2F) protocol. You can configure the 
SMS to operate as a Network Access Server (NAS) or Home Gateway (HG) for UDP/IP-based tunnels. 

L2TP 

AOS Release 3.1 includes the following L2TP enhancements: 

• Fixed service selection — You can configure an LNS to hardwire PPP sessions that arrive from an L2TP 
peer to a specific context. This feature enables you to disable dynamic service selection for the PPP 
sessions that arrive from an L2TP peer. 

• Ethernet over tunnels — You can now tunnel Ethernet (including bridged 1483 and bridged 1490 
circuits) over an L2TP tunnel. A tunnel can support both Ethernet and PPPoE traffic concurrently. 

• Per-session ID string over tunnels — When running as an LT^S, AOS now adds the originating LACs 
local name as the session ID string. 

• Additional L2TP counters — The show I2tp counters and show I2tp info operator exec commands now 
include established sessions, total established sessions, and total failed sessions counters in the 
command output. 

• L2TP AVPs — AOS Release 3. 1 includes several new vendor-specific L2TP attribute-value pairs 
(AVPs). See Appendix F, "L2TP Attribute Value Pairs " in the Access Operating System (AOS) 
Configuration Guide. 

ATM 

• ATM IMA — AOS Release 3. 1 supports the ATM Forum Inverse Multiplexing for ATM (IMA) Version 
1 .0 (AF-PHY-0086.000) and Version 1 . 1 (AF-PHY-0086.001 ) specifications. Using the IMA feature, 
you can configure multiple ports on an ATM Tl I/O module to operate as a single link. 

• Increased VCI range — The range of VCIs for ATM Version 2 I/O modules is 1 through 65535 for ATM 
Version 2 I/O modules. 

• GFR traffic shaping — Use the new gfr option for the shaping ATM profile configuration command to 
specify shaping based on Guaranteed Frame Rate. GFR is supported on ATM Version 2 I/O modules 
only. 

• Shaped virtual paths — Use the new atm vp port configuration command to create a shaped virtual path. 
Virtual paths are supported on ATM Version 2 I/O modules only. 

Service Access Lists 

You can define service access lists to restrict the available services (such as contexts and tunnels) available 
to subscribers on a per-circuit basis. 

AAA 

AOS Release 3. 1 supports the following new AAA features and enhancements: 
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